def authorize_token():
    """Authorize the pending request token and redirect to the callback.

    Resolves the OAuthMap for the request token, derives the user from
    the identity-provider (FB/Google) token held on that map, marks the
    request token as authorized for that user, stores the resulting
    verifier on the map and redirects to the callback URL with the
    request-token parameters and verifier attached.

    Any OAuthError raised along the way is turned into an OAuth error
    response instead of propagating.
    """
    try:
        oauth_server, oauth_request = initialize_server_request(request)
        if oauth_server is None:
            raise OAuthError('Invalid request parameters.')

        # Resolve the request token, then the mapping that ties it to the
        # identity-provider credentials.
        pending_token = oauth_server.fetch_request_token(oauth_request)
        oauth_map = OAuthMap.get_from_request_token(pending_token.key_)
        if not oauth_map:
            raise OAuthError("Unable to find oauth_map from request token "
                             "during authorization.")

        # The user comes from the FB or Google access token on the map.
        user_data = oauth_map.get_user_data()
        if not user_data:
            raise OAuthError("User not logged in during authorize_token "
                             "process.")

        # No consent step is shown here: the token is approved as soon as
        # FB/Google has vouched for the user. A confirmation step can be
        # added later if security requirements call for one.
        # NOTE(review): without a confirmation step, the callback URL kept
        # on the map appears to be what decides where the verifier is
        # sent -- confirm it is validated where it is recorded.
        authorized = oauth_server.authorize_token(pending_token,
                                                  user_data.user)
        oauth_map.verifier = authorized.verifier
        oauth_map.put()

        redirect_target = oauth_map.callback_url_with_request_token_params(
            include_verifier=True)
        return custom_scheme_redirect(redirect_target)
    except OAuthError, e:
        return oauth_error_response(e)
def authorize_token():
    """Approve the current request token and send the client back.

    Steps, all inside one OAuthError guard:
      1. build the OAuth server/request pair from the incoming request;
      2. fetch the request token and its OAuthMap;
      3. read the user from the map's FB/Google credentials;
      4. authorize the token for that user and save the verifier;
      5. redirect to the callback URL, verifier included.

    An OAuthError at any step is returned as an OAuth error response.
    """
    try:
        oauth_server, oauth_request = initialize_server_request(request)
        if oauth_server is None:
            raise OAuthError('Invalid request parameters.')

        # Request token first, then the map stored under its key.
        req_token = oauth_server.fetch_request_token(oauth_request)
        oauth_map = OAuthMap.get_from_request_token(req_token.key_)
        if not oauth_map:
            raise OAuthError(
                "Unable to find oauth_map from request token "
                "during authorization.")

        # User lookup goes through the FB or Google access token.
        user_data = oauth_map.get_user_data()
        if not user_data:
            raise OAuthError(
                "User not logged in during authorize_token "
                "process.")

        # Tokens are authorized without user intervention because the user
        # already authorized FB/Google; an explicit approval step could be
        # added here later if security needs change.
        # NOTE(review): this makes the stored callback URL security
        # relevant -- presumably it is checked when the map is created;
        # verify against the request-token handler.
        approved = oauth_server.authorize_token(req_token, user_data.user)
        oauth_map.verifier = approved.verifier
        oauth_map.put()

        callback = oauth_map.callback_url_with_request_token_params(
            include_verifier=True)
        return custom_scheme_redirect(callback)
    except OAuthError, e:
        return oauth_error_response(e)
def access_token():
    """Exchange a request token for an access token and record it.

    Fetches the access token from the OAuth server, then stores its key
    and secret on the OAuthMap looked up through the request's
    "oauth_token" parameter. Each failure is returned as an OAuth error
    response.

    This excerpt ends once the map has been saved; the response sent on
    success is not part of it.
    """
    oauth_server, oauth_request = initialize_server_request(request)
    if oauth_server is None:
        return oauth_error_response(OAuthError('Invalid request parameters.'))

    try:
        # Create our access token
        issued = oauth_server.fetch_access_token(oauth_request)
        if not issued:
            no_token = OAuthError("Cannot find corresponding "
                                  "access token.")
            return oauth_error_response(no_token)

        # The map that links our tokens to the identity providers is found
        # through the request token the client presented.
        request_token_key = oauth_request.get_parameter("oauth_token")
        oauth_map = OAuthMap.get_from_request_token(request_token_key)
        if not oauth_map:
            no_map = OAuthError("Cannot find oauth mapping "
                                "for request token.")
            return oauth_error_response(no_map)

        # NOTE(review): the token secret is stored on the map as assigned;
        # how that field is protected at rest is not visible here.
        oauth_map.access_token = issued.key_
        oauth_map.access_token_secret = issued.secret
        oauth_map.put()
    except OAuthError, e:
        return oauth_error_response(e)
def access_token():
    """Issue an access token and attach it to the matching OAuthMap.

    The OAuth server produces the access token; its key and secret are
    then written to the OAuthMap found via the "oauth_token" request
    parameter. Failures come back as OAuth error responses.

    The excerpt stops after the map is saved, so the success response is
    not shown.
    """
    oauth_server, oauth_request = initialize_server_request(request)
    if oauth_server is None:
        return oauth_error_response(OAuthError('Invalid request parameters.'))

    try:
        # Create our access token
        new_token = oauth_server.fetch_access_token(oauth_request)
        if not new_token:
            return oauth_error_response(
                OAuthError("Cannot find corresponding access token."))

        # Grab the mapping of access tokens to our identity providers,
        # looked up by the request token named in the request.
        presented_key = oauth_request.get_parameter("oauth_token")
        oauth_map = OAuthMap.get_from_request_token(presented_key)
        if not oauth_map:
            return oauth_error_response(
                OAuthError("Cannot find oauth mapping for request token."))

        # Record the new credentials before persisting the map.
        oauth_map.access_token = new_token.key_
        oauth_map.access_token_secret = new_token.secret
        oauth_map.put()
    except OAuthError, e:
        return oauth_error_response(e)
def access_token():
    """Issue an access token, store it on the OAuthMap and re-read the map.

    The OAuth server produces the access token; its key and secret are
    written to the OAuthMap found via the "oauth_token" request
    parameter, and the map is then fetched again by key so later reads
    see the saved values. Failures come back as OAuth error responses.

    The excerpt stops after the re-read, so the success response is not
    shown.
    """
    oauth_server, oauth_request = initialize_server_request(request)
    if oauth_server is None:
        return oauth_error_response(OAuthError('Invalid request parameters.'))

    try:
        # Create our access token
        issued = oauth_server.fetch_access_token(oauth_request)
        if not issued:
            return oauth_error_response(
                OAuthError("Cannot find corresponding access token."))

        # Grab the mapping of access tokens to our identity providers
        request_token_key = oauth_request.get_parameter("oauth_token")
        oauth_map = OAuthMap.get_from_request_token(request_token_key)
        if not oauth_map:
            return oauth_error_response(
                OAuthError("Cannot find oauth mapping for request token."))

        oauth_map.access_token = issued.key_
        oauth_map.access_token_secret = issued.secret
        oauth_map.put()

        # Fetching by key right after put() flushes the "apply phase" of
        # the write, so subsequent retrievals of this OAuthMap return
        # fresh data. GAE's HRD can otherwise take a second or two to
        # propagate it, and a client may use the access token sooner
        # than that.
        map_key = oauth_map.key()
        oauth_map = OAuthMap.get(map_key)
    except OAuthError, e:
        return oauth_error_response(e)
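@route("/api/auth/request_token", methods=["GET", "POST"])
@decorators.manual_access_checking
def request_token():
    """Hand out a request token and start a new OAuthMap for it.

    Builds the OAuth server/request pair, fetches a request token and
    refuses it if an OAuthMap already exists for that token key. On the
    reuse path the request is logged for diagnosis, with signature
    material withheld. Otherwise a new OAuthMap is filled in with the
    token key and secret, the requested callback URL and, for
    view=mobile requests, the mobile view flag.

    This excerpt ends after the view flag is set; the rest of the
    handler is not shown.
    """
    oauth_server, oauth_request = initialize_server_request(request)
    if oauth_server is None:
        return oauth_error_response(OAuthError('Invalid request parameters.'))

    try:
        # Create our request token
        token = oauth_server.fetch_request_token(oauth_request)
    except OAuthError, e:
        return oauth_error_response(e)

    if OAuthMap.get_from_request_token(token.key_):
        logging.error("OAuth key %s already used" % token.key_)

        # Keep the diagnostics but keep credential material out of the
        # logs: the OAuth signature (and the raw Authorization header
        # that carries it) can expose secrets, depending on the signature
        # method the consumer uses, to anyone who can read the logs.
        params = dict([(key, request.get(key))
                       for key in request.arguments()])
        if "oauth_signature" in params:
            params["oauth_signature"] = "<redacted>"
        logging.info("params: %r" % params)
        logging.info("Authorization header present: %s",
                     request.headers.get('Authorization') is not None)

        return oauth_error_response(OAuthError("OAuth parameters already "
                                               "used."))

    # Start a new OAuth mapping
    oauth_map = OAuthMap()
    oauth_map.request_token_secret = token.secret
    oauth_map.request_token = token.key_
    oauth_map.callback_url = requested_oauth_callback()

    if request.values.get("view") == "mobile":
        oauth_map.view = "mobile"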
@route("/api/auth/request_token", methods=["GET", "POST"]) @decorators.manual_access_checking def request_token(): oauth_server, oauth_request = initialize_server_request(request) if oauth_server is None: return oauth_error_response(OAuthError('Invalid request parameters.')) try: # Create our request token token = oauth_server.fetch_request_token(oauth_request) except OAuthError, e: return oauth_error_response(e) if OAuthMap.get_from_request_token(token.key_): logging.error("OAuth key %s already used" % token.key_) params = dict([(key, request.get(key)) for key in request.arguments()]) logging.info("params: %r" % params) logging.info("Authorization: %s", request.headers.get('Authorization')) return oauth_error_response( OAuthError("OAuth parameters already " "used.")) # Start a new OAuth mapping oauth_map = OAuthMap() oauth_map.request_token_secret = token.secret oauth_map.request_token = token.key_ oauth_map.callback_url = requested_oauth_callback() if request.values.get("view") == "mobile":
# hands off to Google/Facebook to gather the appropriate request tokens. @route("/api/auth/request_token", methods=["GET", "POST"]) def request_token(): oauth_server, oauth_request = initialize_server_request(request) if oauth_server is None: return oauth_error_response(OAuthError('Invalid request parameters.')) try: # Create our request token token = oauth_server.fetch_request_token(oauth_request) except OAuthError, e: return oauth_error_response(e) if OAuthMap.get_from_request_token(token.key_): return oauth_error_response(OAuthError("OAuth parameters already used.")) # Start a new OAuth mapping oauth_map = OAuthMap() oauth_map.request_token_secret = token.secret oauth_map.request_token = token.key_ oauth_map.callback_url = requested_oauth_callback() if request.values.get("view") == "mobile": oauth_map.view = "mobile" oauth_map.put() chooser_url = "/login/mobileoauth?oauth_map_id=%s&view=%s" % (oauth_map.key().id(), oauth_map.view)